add reader validation for .rela.plt and DT_PLT* consistency

katsyoshi · katsyoshi · commit 5a9f29db16f8 · 2026-02-21T22:00:30.000+09:00
diff --git a/lib/caotral/binary/elf/reader.rb b/lib/caotral/binary/elf/reader.rb
@@ -143,6 +143,8 @@ def validate_relocations
           rela_dyn = @context.sections.find { |section| section.section_name.to_s == ".rela.dyn" }
           pt_load = @context.program_headers.find { |ph| ph.type == :LOAD }
           dynamic = @context.sections.find { |section| section.section_name.to_s == ".dynamic" }
+          rela_plt = @context.sections.find { |section| section.section_name.to_s == ".rela.plt" }
+          failed_messages = []
           unless rela_dyn && pt_load && dynamic
             data = [
               rela_dyn ? nil : ".rela.dyn section",
@@ -160,15 +162,25 @@ def validate_relocations
             val = 24 if dyn.rela_ent?
             next unless val
             if dyn.un != val
-              raise Caotral::Binary::ELF::Error, "Invalid dynamic section entry: expected #{val}, got #{dyn.un}"
+              failed_messages << "Invalid dynamic section entry: expected #{val}, got #{dyn.un}"
             end
           end
 
           valid_range = (pt_load.vaddr...(pt_load.vaddr + pt_load.memsz))
           unless rela_dyn.body.all? { |rel| valid_range.include?(rel.offset) }
-            raise Caotral::Binary::ELF::Error, "Relocation entries in .rela.dyn exceed LOAD segment range"
+            failed_messages << "Relocation entries in .rela.dyn exceed LOAD segment range"
           end
 
+          if rela_plt
+            dynamic.body.find { |dt| dt.jmp_rel? }&.un == rela_plt.header.addr || failed_messages << "Dynamic section entry DT_JMPREL does not match .rela.plt address"
+            dynamic.body.find { |dt| dt.plt_rel_size? }&.un == rela_plt.header.size || failed_messages << "Dynamic section entry DT_PLTRELSZ does not match .rela.plt size"
+            dynamic.body.find { |dt| dt.plt_rel? }&.un == 7 || failed_messages << "Dynamic section entry DT_PLTREL does not indicate RELA type"
+            rela_plt.body.each do |rel|
+              valid_range.include?(rel.offset) || failed_messages << "Relocation entries in .rela.plt exceed LOAD segment range"
+              rela_type_name(rel.type) == :AMD64_JUMP_SLOT || failed_messages << "Unexpected relocation type in .rela.plt: #{rel.type_name}"
+            end
+          end
+          raise Caotral::Binary::ELF::Error, failed_messages.join("\n") unless failed_messages.empty?
           true
         end
 
@@ -182,7 +194,8 @@ def decision(input)
           end
         end
 
-        def type(num) = Caotral::Binary::ELF::SectionHeader::SHT_BY_VALUE.fetch(num, :unknown)
+        def section_type_name(num) = Caotral::Binary::ELF::SectionHeader::SHT_BY_VALUE.fetch(num, :unknown)
+        def rela_type_name(num) = Caotral::Binary::ELF::Section::Rel::TYPES_BY_V.fetch(num, :unknown)
       end
     end
   end
